{"vulnerability": "CVE-2024-21683", "sightings": [{"uuid": "26eff177-be3b-4878-a733-00f307346138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "28fb92ef-8a25-40c2-893c-82d75fc5cb23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "8fffa5ce-171b-4e95-95bf-6d7bc1f4cb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-07)", "content": "", "creation_timestamp": "2024-11-07T00:00:00.000000Z"}, {"uuid": "96e4b120-3e0f-45ca-bb85-42d73f708045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:00.000000Z"}, {"uuid": "68cc4505-f453-406b-bffd-7b0b4e62cfdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "6987c7be-ee91-4e77-ad5c-80825d578fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-18)", "content": "", "creation_timestamp": "2025-09-18T00:00:00.000000Z"}, {"uuid": "2da44c94-1ffb-4ec9-9853-ae0e84fbe86a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "3fa781fd-a70e-4fe9-b260-6ee1463be338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-23)", "content": "", "creation_timestamp": "2025-07-23T00:00:00.000000Z"}, {"uuid": "02867e58-09a3-4e16-b1c5-5b0b7a5f6c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "693576e3-0268-45d4-85a3-2ca95444b823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9240", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21683 Confluence Post Auth RCE\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-21683-rce\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-29T13:30:34.000000Z"}, {"uuid": "8ae2cef0-a399-4a5f-a1d5-e69232f91a01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/atlassian_confluence_rce_cve_2024_21683.rb", "content": "", "creation_timestamp": "2024-07-11T01:50:17.000000Z"}, {"uuid": "882d3ec7-002e-4d5a-9030-b49c22ed900c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "da3d6c78-f26a-4a9f-808e-14d39a52f122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "c8848636-d294-428a-be11-84049981d688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/DUOmhe_CxjvkwL3TRLD9AHWimRROdd1NSsdzANkcr07CMN0", "content": "", "creation_timestamp": "2025-06-09T13:55:03.000000Z"}, {"uuid": "576454a6-07d9-4381-869a-05959fb41e23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7391", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21683 Post Auth RCE\nURL\uff1ahttps://github.com/W01fh4cker/CVE-2024-21683-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-23T09:14:49.000000Z"}, {"uuid": "1a0c1cb0-4730-4c08-b5d3-07763d39a07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7384", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1achained Exploit to achieve unauthenticated RCE on confluence data center and server using the CVE-2024-21683 as RCE and undisclosed auth bypass.\nURL\uff1ahttps://github.com/Arbeys/CVE-2024-21683-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T21:57:01.000000Z"}, {"uuid": "d6ad971f-213e-474f-899e-357116105cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7383", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPPPwn for webOS TVs - PlayStation 4 PPPoE RCE\nURL\uff1ahttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-22T19:45:13.000000Z"}, {"uuid": "5ddd1acf-71fc-4857-8b29-ab669e0acf56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/53714", "content": "CVE-2024-21683 \u2013 Authenticated RCE via \u201cAdd a New Language\u201d in Atlassian Confluence\nhttps://www.offsec.com/blog/cve-2024-21683/\n\nCritical RCE vulnerability (CVE-2024-21683) in Atlassian Confluence Data Center and Server (v5.2\u20138.9.0) allows authenticated users to execute arbitrary code via malicious code macros.\nThe post CVE-2024-21683 \u2013 Authenticated RCE via \u201cAdd a New Language\u201d in Atlassian Confluence (https://www.offsec.com/blog/cve-2024-21683/) appeared first on OffSec (https://www.offsec.com/).", "creation_timestamp": "2025-06-12T21:53:45.000000Z"}, {"uuid": "a6165ba9-5bc8-457f-ab81-c771ca0ceb8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/554", "content": "#cve #poc\n\n\ud83d\udd77CVE-2024-21683: Confluence Data Center RCE\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Confluence.  \u0411\u0430\u0433 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0432\u0432\u043e\u0434\u0430 \u0432 Confluence REST API. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 Confluence\n\nProof-Of-Concept", "creation_timestamp": "2024-05-23T05:56:34.000000Z"}, {"uuid": "6077d23b-a3dd-4918-8e87-e9c4a38d6ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/2709", "content": "CVE-2024-21683 Authenticated Remote Code Execution in Atlassian Confluence\n\nRead: https://realalphaman.substack.com/p/quick-note-about-cve-2024-21683-authenticated", "creation_timestamp": "2024-05-23T18:21:21.000000Z"}, {"uuid": "97857609-3410-4da5-9ed0-cb3e63d8ff25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/bizone_channel/1240", "content": "\ud83e\udd65 Confluence \u0441\u043d\u043e\u0432\u0430 \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b\u043e\u043c \u2014 BI.ZONE WAF \u0441\u043f\u0435\u0448\u0438\u0442 \u043d\u0430 \u043f\u043e\u043c\u043e\u0449\u044c\n\nConfluence \u2014 \u0432 \u0442\u043e\u043f\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u044e\u0449\u0438\u0445 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432: \u043d\u0430 \u043d\u0435\u0433\u043e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 21% \u0432\u0435\u0431-\u0430\u0442\u0430\u043a \u043f\u043e \u0438\u0442\u043e\u0433\u0430\u043c \u043f\u0435\u0440\u0432\u043e\u0439 \u0442\u0440\u0435\u0442\u0438 2024 \u0433\u043e\u0434\u0430. \n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043b\u043e\u0433\u0438\u043a\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443.\n\n\u0420\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435:\n\n\u0427\u0442\u043e \u044d\u0442\u043e \u0437\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. CVE-2024-21683 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Confluence Data Center \u0438 Confluence Server. \u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u043d\u0435\u0439 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c 21 \u043c\u0430\u044f, \u0430 \u0443\u0436\u0435 \u043a 23 \u043c\u0430\u044f \u0431\u044b\u043b\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u043c\u0438\u043d\u0438\u043c\u0443\u043c 3 \u043f\u0440\u0438\u043c\u0435\u0440\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 (PoC).\n\n\u0427\u0435\u043c \u043e\u043d\u0430 \u043e\u043f\u0430\u0441\u043d\u0430. CVE \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 8,3 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS: \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d. \u041e\u0434\u043d\u0430\u043a\u043e \u0443\u0436\u0435 \u0441\u0435\u0439\u0447\u0430\u0441 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u0432 \u0430\u0442\u0430\u043a, \u0433\u0434\u0435 CVE-2024-21683 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0441\u0432\u044f\u0437\u043a\u0435 \u0441 \u0442\u0435\u0445\u043d\u0438\u043a\u0430\u043c\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0415\u0441\u0442\u044c \u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 LTS-\u0432\u0435\u0440\u0441\u0438\u044f\u0445 8.5.9 \u0438 7.19.22, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Confluence Data Center 8.9.1. \u0411\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0441\u0442\u0430\u043b\u0438\u0441\u044c \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439. \n\n\u041a\u0430\u043a \u043f\u043e\u043c\u043e\u0436\u0435\u0442 BI.ZONE WAF. \u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u0430\u0448 \u0441\u0435\u0440\u0432\u0438\u0441 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443 Confluence.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 BI.ZONE WAF \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430 \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u043c\u0430\u043d\u0442\u0438\u043a\u0438 \u044f\u0437\u044b\u043a\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u2014 \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Runtime.getRuntime().exec() \u0432 Java. \u0410\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u0434\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u041f\u0440\u0430\u0432\u0438\u043b\u043e \u0443\u0436\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0434\u043b\u044f \u0432\u0441\u0435\u0445, \u043a\u0442\u043e \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 Confluence \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e BI.ZONE WAF.\n\n\u0422\u0430\u043a\u0436\u0435 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 BI.ZONE TDR \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u043e\u0440\u0440\u0435\u043b\u044f\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-05-24T16:00:50.000000Z"}, {"uuid": "28924f7b-b0f0-4600-b038-01b2ae31ac46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrew/9198", "content": "#CVE-2024-21683: #Confluence Data Center #RCE\n\nhttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T08:26:51.000000Z"}, {"uuid": "4df469e3-7e60-4d9b-9b34-0921d28484dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://t.me/HackingInsights/788", "content": "\u200aCVE-2024-21683: Atlassian Patches RCE Flaw in Confluence Data Center and Server\n\nhttps://securityonline.info/cve-2024-21683-atlassian-patches-rce-flaw-in-confluence-data-center-and-server/", "creation_timestamp": "2024-05-22T16:49:37.000000Z"}, {"uuid": "26b1bc11-f018-4b4a-88f6-1d81d39e9cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/9093", "content": "#CVE-2024-21683: #Confluence Data Center #RCE\n\nhttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T08:25:38.000000Z"}, {"uuid": "51321c2d-d62a-4e5d-9627-b06451b8558d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4499", "content": "https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T11:57:21.000000Z"}, {"uuid": "05f7459c-81fe-4a89-bed5-e96367415b56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/z1ej_dZCcT4CqmtBZlxBnyID80I2736dsSP7we9ggdXGYbc", "content": "", "creation_timestamp": "2024-05-27T10:46:40.000000Z"}, {"uuid": "d19cc343-4eab-4144-bc4e-266069207f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/169", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:10:28.000000Z"}, {"uuid": "3bb27ab4-7830-4aa6-b4c5-8ac6660db6bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/gztBLeHiFLVGngU82zOANxasieCKF4vpHOyTY7sDptXaxLw", "content": "", "creation_timestamp": "2024-05-23T18:07:38.000000Z"}, {"uuid": "4f51a5e5-f129-4d4d-b9d0-2fd1f17af907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7921", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-08T11:25:07.000000Z"}, {"uuid": "576d826b-ec30-45dc-b1e3-4ab44b30b117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/1742", "content": "#CVE-2024-21683: #Confluence Data Center #RCE\n\nhttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T08:25:38.000000Z"}, {"uuid": "ad3f4962-01bc-4960-b019-857efec0590c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21897", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-09T07:58:14.000000Z"}, {"uuid": "df75d7a7-5e77-4dd4-abb9-fb95507fce7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/xvA5wY_IY9xuxpVWV2IOO-EbLeQTPzyXdVOh_JVC3vm71ZI", "content": "", "creation_timestamp": "2024-06-26T17:04:06.000000Z"}, {"uuid": "d8dd2216-132c-44dc-abb2-33ed1ef62221", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/v_GRUsSBmV1OmGbimRXpdLPlITcHxDsDH6ijn5O_vKUkqgI", "content": "", "creation_timestamp": "2024-05-23T18:22:58.000000Z"}, {"uuid": "9f7683e8-ea8e-4015-99e8-d49f84fed898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2221", "content": "CVE-2024-21683  0-click RCE\n*\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 Win server 2000 \u0434\u043e Win server 2025\n*\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u0441\u0442\u043e\u043b\u043e\u0432 Windows (RDL), \u0432 \u0438\u043d\u0435\u0442 \u0441\u0435\u0439\u0447\u0430\u0441 \u0442\u043e\u0440\u0447\u0438\u0442 170 000 \u0442\u0430\u043a\u0438\u0445 \u0445\u043e\u0441\u0442\u043e\u0432 \n*\n\u041f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043e \u0432 \u0438\u044e\u043b\u0435\n*\nExploit  (\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0431\u0430\u043d\u044f\u0442, \u043d\u043e \u043c\u044b \u0441\u043a\u0430\u0447\u0430\u043b\u0438)))\n\n#rce #winsrv", "creation_timestamp": "2024-08-09T07:41:14.000000Z"}, {"uuid": "e14fd778-4ba0-4741-a718-20a575f63744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2092", "content": "CVE-2024-21683\nConfluence Data Center and Server RCE\n*\nPOC - 3 \u0432\u0430\u0440\u0438\u0430\u0442\u0430\n\n#Jirka", "creation_timestamp": "2024-05-23T07:33:22.000000Z"}, {"uuid": "3f257a62-d42a-4c10-af7a-ab7c2efe0513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/7898", "content": "https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T11:57:21.000000Z"}, {"uuid": "04c54b6d-6323-4eae-aa5c-0e9240ea36d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/Edfbs4MF4C2lY6sjLDcENYH-V9jWpHMuaXJbz7EzSXqLmT4", "content": "", "creation_timestamp": "2024-07-09T06:56:34.000000Z"}, {"uuid": "744d726a-b148-4e7f-a2b6-0ff2a608e081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6702", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-08T11:25:07.000000Z"}, {"uuid": "1ce3a2cb-0ce2-4827-90a6-6418ab52bac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1489", "content": "CVE-2024-21683: Confluence Auth RCE\n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE\n\n#exploit #git #web", "creation_timestamp": "2024-05-24T06:59:49.000000Z"}, {"uuid": "a1aa96b0-b10f-44c3-b640-18c0ebc38f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://t.me/true_secator/5770", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cybernews \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u0432 \u0441\u0435\u0442\u0438 224 962 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Atlassian Confluence Data Center \u0438 Confluence Server.\n\n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e (\u043c\u0443\u0434\u0430\u043a\u043e\u0432) \u0438\u0445 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0432 \u0421\u0428\u0410 (53 195) \u0438 \u042f\u043f\u043e\u043d\u0438\u0438 (22 007), \u043d\u043e \u0438 \u0432\u043e \u0424\u0440\u0430\u043d\u0446\u0438\u0438 (11 562) \u0438 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 (11 373) - \u0442\u043e\u0436\u0435 \u0438\u043c\u0435\u044e\u0442\u0441\u044f. \n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0432\u0441\u0435 \u043e\u043d\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-21683 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8,3.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u043f\u043e\u0440\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u043d\u0443\u0442\u0440\u0438 \u0441\u0435\u0442\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432 Atlassian Confluence Data Center \u0438 Confluence Server \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430, \u043d\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0441\u0435\u0440\u043e\u0433\u043e \u0432\u0435\u0449\u0435\u0441\u0442\u0432\u0430 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u043e\u0442\u0435\u043d \u0442\u044b\u0441\u044f\u0447 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c.\n\n\u041f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u0438\u043c \u0437\u0430\u0439\u043c\u0443\u0442\u0441\u044f \u0431\u0430\u043d\u0434\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 APT, \u043f\u0440\u0430\u0432\u0434\u0430 \u0437\u0430 \u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0437\u0430\u043f\u043b\u0430\u0442\u0438\u0442\u044c.", "creation_timestamp": "2024-05-23T14:40:05.000000Z"}, {"uuid": "95c4d6d8-394e-4580-bd80-3dd1fc714128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "exploited", "source": "https://t.me/true_secator/5782", "content": "\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043a\u0430\u043a \u043c\u044b \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0438, \u0437\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE CVE-2024-21683 \u0441 CVSS 8,3 \u0432 Atlassian Confluence Data Center \u0438 Confluence Server \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u0438\u043c\u0443\u0442\u0441\u044f \u0431\u0430\u043d\u0434\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 APT.\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0425\u0443\u043e\u043d\u0433 \u041a\u0438\u0435\u0443 \u0432\u044b\u043a\u0430\u0442\u0438\u043b PoC, \u0430 \u0432 \u0441\u0435\u0442\u0438 \u0432\u0438\u0441\u044f\u0442 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u0442\u044b\u0441\u044f\u0447 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044f \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0440 \u0434\u043b\u044f \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0442\u043e\u0447\u043a\u0443 \u043e\u043f\u043e\u0440\u044b.\n\n\u0411\u043b\u0430\u0433\u043e, \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u043e\u0441\u0447\u0430\u0441\u0442\u043b\u0438\u0432\u0438\u0442\u0441\u044f \u0432\u0441\u0442\u0440\u043e\u0438\u0442\u044c\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 (\u043c\u0443\u0434\u0430\u043a\u043e\u0432) \u0421\u0428\u0410 (53 195) \u0438 \u042f\u043f\u043e\u043d\u0438\u0438 (22 007), \u043d\u043e \u0424\u0440\u0430\u043d\u0446\u0438\u0438 (11 562) \u0438 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 (11 373) - \u0442\u043e\u0436\u0435 \u043d\u0435\u043f\u043e\u0437\u0434\u043e\u0440\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\n\n\u0411\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-05-27T16:00:53.000000Z"}, {"uuid": "cec41698-be03-4ff7-a1a3-5b3d8a08de7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "Telegram/iYuF1ij8GVX9NZlgjiDkoapzUE0BR5ziHKPfQnrl3j_r0bE", "content": "", "creation_timestamp": "2024-11-03T18:29:35.000000Z"}, {"uuid": "f8a5c249-de37-4bb2-b14d-d8de8324cb01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2529", "content": "https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server/\n\nCVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server\n#github #exploit", "creation_timestamp": "2024-05-23T07:33:56.000000Z"}, {"uuid": "bda28d03-ac33-4c60-a8aa-7f4d33bede81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2534", "content": "https://github.com/W01fh4cker/CVE-2024-21683-RCE\n\ncve-2024-21683\n#github #poc", "creation_timestamp": "2024-05-24T08:52:49.000000Z"}, {"uuid": "9f9d1afc-27ce-41cf-98ee-a99cd2306185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://t.me/club31337/2088", "content": "https://nsfocusglobal.com/confluence-remote-code-execution-vulnerability-cve-2024-21683-notification/\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:18:31.000000Z"}, {"uuid": "e375d445-8484-403d-b2c7-a490f093d995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10556", "content": "#exploit\nConfluence Data Center Post Auth RCE\n]-&gt; https://github.com/W01fh4cker/CVE-2024-21683-RCE", "creation_timestamp": "2024-05-24T13:33:20.000000Z"}]}